“For example, Schneier and other experts testified that the same poor security exists in computers making their way into hospitals, including those used to manage elevators and ventilation systems. It’s not hard to imagine a fatal disaster, which makes it imperative that the government step in to fix this “market failure,” he said.
The problems with IoT devices are worsening because manufacturers lack incentives to prioritize security. Even if consumers wanted to assess the relative security of Internet-connected thermostats and other devices, there are no established ratings or other measures.
There is little disagreement that the government should do something about this, since so many critical systems are vulnerable to attacks like the one that hit Dyn. Exactly how the government should handle the situation, however, is a subject of an intensifying debate in Washington—one that won’t be settled before President-elect Donald Trump takes office. Business groups such as the U.S. Chamber of Commerce and the Consumer Technology Association argue that new regulations on IoT devices could hinder innovation.”
Look, I don’t really trust the government to fix IOT security. This is the same government that thinks they can have a backdoor into any device and that it’s still secure after all. On the other hand, when these devices get hacked and cause real harm, there need to be consequences for that. If my smart-home gets hacked, and the power goes out, disrupting my business, or god forbid, causing the death of someone from heat exposure or freezing, I should be able to sue to manufacturer for negligence. A couple of multi-million dollar wrongful death suits will properly incentivize manufacturers to make more secure devices, wouldn’t it?